April 2012 OCS 2007 R2 Updates Available

In case you missed it, yesterday new updates were released for Microsoft OCS 2007 R2.

The NextHop write-up does a good job detailing all the issues that are addressed: Office Communications Server 2007 R2 Updates Now Available: April 2012.

The two noteworthy updates from my perspective are:

  1. Microsoft push notification messages are not delivered to Lync mobile clients
    • This applies to Lync deployments if you are using a Lync pool with an OCS 2007 R2 edge.
  2. OWA does not work correctly in an Office Communications Server 2007 R2 environment that has OWA integration configured
    • There has been reported issues in the field with the OWA integration in an OCS 2007 R2 environment, and this should address them.
Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

Tips for Managing Lync User Policies

New post on InsideLync.com: Tips for Managing Lync User Policies (http://blog.insidelync.com/2012/04/tips-for-managing-lync-user-policies/)

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

Lync Mobile DNS Records Added to RUCT

A quick post to let followers of my Remote UC Troubleshooting Tool (RUCT) for Lync and OCS know that the DNS records used by the Lync mobility clients to auto-discover the Lync mobility service have been added.

Specifically you now have the option of querying the locally configured DNS server for the following records:

  • Lyncdiscover.<domain.com>   (both CNAME or A record)
  • Lyncdiscoverinternal.<domain.com>  (both CNAME or A record)

From the same screen you can ping the resulting hostname or test the port availability on any of the Lync DNS record matches.

Here is a sample screen shot with the Lync Auto-Discovery Mobility DNS record:

RUCT - Mobility Records Added

See http://blog.insideocs.com/2011/11/14/the-remote-uc-troubleshooting-tool-ruct/ for more information on this free Windows tool.

More information about the Lync Mobility DNS records can be found here:

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

Top 10 Facts for Planning a Lync 2010 Client Deployment

New post on InsideLync.com: Top 10 Facts for Planning a Lync 2010 Client Deployment.

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

Migrating your OCS Federated Partner Settings to Lync

During the edge migration stage of an OCS to Lync migration, you will likely need to re-establish existing OCS federated partner settings on the new Lync Edge pool.

If you have previously established direct federation connections between OCS and many federated partners that you explicitly allow, the thought of having to manually re-enter these federation settings in Lync isn’t very appealing.

Whenever a lot of manual administration is required, PowerShell comes to mind. Indeed, in this case it can be used to ease the pain of having to manually retype the federated partner domain, and optionally, the associated edge server FQDN.

In this post I provide a small PowerShell script that you can run on your OCS 2007 R2 Edge server that can be used to export your existing federated partner settings in the format of another PowerShell script that can be run to re-import those settings into Lync.

Caveatyour existing OCS partner federation settings could differ slightly. It is important to understand what this script is doing (it is straightforward) and tweak it to your configuration.

The following script runs on the OCS 2007 R2 edge and utilizes WMI – specifically the OCS 2007 R2 MSFT_SIPFederationPartnerTable class – to export a list of the federated partner domains:

Get-WmiObject -class MSFT_SIPFederationPartnerTable | ForEach-Object

{

   $domain = [System.String]$_.Domain

   $edgeProxy = [System.String]$_.EdgeProxyAddress

   if ($edgeProxy -eq "")

   {

      write-output "New-CsAllowedDomain -Identity `"$domain`" -MarkForMonitoring `$True"

   }

   else

   {

       write-output "New-CsAllowedDomain -Identity `"$domain`" -ProxyFqdn `"$edgeProxy`" -MarkForMonitoring `$True"

   }

}

Save the above script to a PowerShell .ps1 file (e.g. EdgeFed.ps1). To run it in Powershell you will likely first need to set the ExecutionPolicy to allow scripts to run:

> Set-ExecutionPolicy Unrestricted

Invoking this script on the OCS Edge server (e.g. run “.\EdgeFed.ps1” in a PowerShell command window) will produce output similar to the following:

New-CsAllowedDomain -Identity "contoso.com" -MarkForMonitoring $True

New-CsAllowedDomain -Identity "fabrikam.com" -ProxyFqdn "im.fabrikam.com" -MarkForMonitoring $True

.

.

The script exports each federated partner setting and formats it into a Lync PowerShell “New-CsAllowedDomain” cmdlet which will add the partner as a new allowed federated domain in Lync.

Pipe the output of this script to another .ps1 file that can used on your Lync Edge (i.e. run “.\EdgeFed.ps1 > LyncFedSettings.ps1”).

To import the allowed federated partners into Lync, put the output file (e.g. LyncFedSettings.ps1) on your Lync Front-End or Edge server and run it in the Lync Management Shell.

You can see the new federated partner allow list with the Get-CsAllowedDomain cmdlet, or in the Lync Control Panel (External User Access | Federated Domains).

If your OCS federated partner settings differ from the explicit allow list method, and you need an automated solution, take a look at the WMI Classes for Office Communications Server. There is probably a WMI class that exposes these settings and can be scripted, and you can just modify the script above.

Addition OCS to Lync Migration Articles

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

Microsoft Lync 2010 for the iPhone and iPad Released

More information cross-posted on InsideLync.com: Microsoft Lync 2010 for the iPhone and iPad Released.

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

Lync 2010 Mobility Service and Documentation Available

Details posted on InsideLync: Lync 2010 Mobility Service and Documentation Available for more information.

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

Quick Tip – External Contacts with Lync Coexistence

I was involved in a recent Lync migration where a new Lync pool was deployed side-by-side with an OCS 2007 R2 pool. Several pilot users were moved to the new Lync pool and the OCS 2007 R2 edge server was still being used for external Lync and OCS user services.

Everything worked as planned except the Lync users on the new Lync pool were getting the infamous “Presence Unknown” for both Public IM (PIC) contacts and their Federated Contacts.

All the basics were checked – connectivity between the new Lync pool and the OCS 2007 R2 edge, certificates, etc…, and everything looked okay.

What solved the problem in the end was rebooting the OCS 2007 R2 edge server.  After the OCS edge server was rebooted, all of the PIC and Federated contacts for the new Lync pool users started to work.  I am not sure exactly what effect rebooting the edge had, but wanted to pass it along in case it helped someone else.

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

The Remote UC Troubleshooting Tool (RUCT)

I haven’t done a blog entry for awhile on InsideOCS because I have spent a lot of my extra time developing a small free tool called: The Remote UC Troubleshooting Tool (RUCT).

The tool was born out of my former MOCLogin troubleshooting tool, but I decided to rename it because of the expanded features and all the great things it can do besides just troubleshoot DNS entries with Communicator and Lync client automatic sign-in.

I’ll go on record as saying that I think this is one of the best tools available for troubleshooting Lync and Communicator certificate issues!

A full description of RUCT is available here, and the tool can be downloaded here.

Here is a summary of what the tool can do:

1.    Easily Query Important DNS Records used by Microsoft Lync Server and OCS.

DNS queries for the following Lync and OCS records are issued with one-click:

  • All Lync and Communicator internal and external records used for automatic sign-in.
  • Lync sign-in records used for Lync Online (in Office 365).
  • Lync simple URL records used for Dial-In, Meetings, and Administration.
  • Home registrar location records used by Lync devices.
  • The automatic partner discovery record used in an Open Federation configuration.

2.    Test Network Availability.

  • Easily test the network connectivity to the hostname and port belonging to any matching DNS SRV record, or IP address belonging to an A record.
  • A TCP connection is attempted for hostnames and ports, and a ping is attempted for IP addresses.

3.    Certificate Retrieval, Installation, and Export.

  • The tool can remotely retrieve X509 Certificate information on any Lync or OCS port that is secured using TLS (or SSL).  Certificate information returned includes the Common Name (CN), Subject Name, Issuer, Certificate Authority, Expiry Date, Creation Date, and Subject Alternative Names (SANs), and the complete certificate chain.
  • The remote certificate can also be installed locally or exported to a file. This makes client access to labs and self-signed certificates much easier to setup.

4.    Easily Retrieve Important Client-Side Troubleshooting Information.

  • Important client-side environment settings such as O/S version, 32-bit or 64-bit, current domain credentials, and Lync/Communicator sign-on settings are automatically retrieved and consolidated in one place.
  • Recent Lync and Communicator specific event log errors and warnings can be retrieved with one-click.

Screenshots

DNS Information

Certificate Functionality

Client Troubleshooting

I hope this tool is a big help to people troubleshooting Lync Server and OCS issues.  Feel free to provide any feedback.

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati